06-04-2008 04:31 AM - edited 03-11-2019 05:55 AM
Morning,
Well, we tried. But we were unsuccessful. In the last steps of moving our data center, we moved our default route from our old PIX-525 (6.2.3) to the FWSM (4.0.1). So everything looked good. Those hitting the proxy were still working for surfing, but those things that do not use the proxy did not. Things like the mainframe FTP, those who bypass the proxy, etc. Seems they were not NATTING. The xlate table showed the inside 10.0.X.X network was going to the internet as 10.0.X.X. Our global NAT statement is: NAT (Inside) 1 0.0.0.0 0.0.0.0. Should work right??? Any ideas?
We backed out the change.
06-04-2008 04:48 AM
1 thing could be - you probably missed the command :- nat-control
with no nat-control - all traffic passes thru the device un-natt'd!
Configure "nat-control" and test again?
The other thing, that you have not posted up is the global (outside) 1 "x" or "y"
x = interface
y = a specific IP address
HTH.
06-04-2008 05:16 AM
We do have the global statements on the outside (we called it Internet).
We found the issue. The PAT command was wrong. It was global (Internet) 2 198.185.66.249. Should have been global (Internet) 1 198.185.66.249.
We figured it out when we saw 5 devices getting out on the NAT commands and then nothing more. Ran out of addresses.
It's always something simple...
Thanks.
Jim
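The mismatch found in this thread can be caught before a cutover by checking that every nat ID has a global with the same ID and at least one single-address (PAT) entry. The following is an added example, not part of the original posts: the function name and the address range on the first global line are constructed for illustration, while the nat line and the PAT line are the ones quoted above.

```python
import re

# Matches PIX/FWSM-style "nat (ifc) id ..." and "global (ifc) id ..." lines.
LINE_RE = re.compile(r"^\s*(nat|global)\s+\((\S+)\)\s+(\d+)\s+(\S+)", re.I)

# Sample config: the range on the first global line is constructed.
SAMPLE = """\
nat (Inside) 1 0.0.0.0 0.0.0.0
global (Internet) 1 203.0.113.10-203.0.113.14
global (Internet) 2 198.185.66.249
"""

def audit_nat_ids(config_text):
    """Return findings about nat/global ID pairing (hypothetical helper)."""
    nat_ids = set()   # IDs used by nat statements
    pools = {}        # global ID -> list of (interface, mapped address/range)
    for line in config_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        kind, ifc, nat_id, mapped = m.group(1).lower(), m.group(2), int(m.group(3)), m.group(4)
        if kind == "nat":
            if nat_id != 0:  # nat 0 is identity/exemption and needs no global
                nat_ids.add(nat_id)
        else:
            pools.setdefault(nat_id, []).append((ifc, mapped))
    findings = []
    for nat_id in sorted(nat_ids):
        entries = pools.get(nat_id, [])
        if not entries:
            findings.append(f"nat id {nat_id}: no global with the same id")
        elif all("-" in mapped for _, mapped in entries):
            findings.append(f"nat id {nat_id}: range-only pool, no PAT entry; "
                            "new translations stop when the range is used up")
    for nat_id in sorted(set(pools) - nat_ids):
        for ifc, mapped in pools[nat_id]:
            findings.append(f"global ({ifc}) {nat_id} {mapped}: no nat statement uses id {nat_id}")
    return findings

if __name__ == "__main__":
    for finding in audit_nat_ids(SAMPLE):
        print(finding)
```
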